MicroStrategy administration is centralized in a single metadata repository, which can store information about all the different reports and objects necessary for many different business departments. Access to the reporting objects in your MicroStrategy metadata repository is restricted based on the permissions and privileges held by each individual MicroStrategy user. Every Suite user who logs into the MicroStrategy system should have a unique MicroStrategy login. This enables system administrators to grant those users access to the appropriate data, and to track all changes made in your MicroStrategy project.
You can control access to your MicroStrategy project in three ways:
• Privileges control what functionality in the MicroStrategy system the user has access to. For example, a user who does not have the Use Metric Editor privilege cannot create or edit metrics. Privileges are assigned to the user’s account by right-clicking the user and selecting Edit.
• Security filters control what data the user has access to. For example, a user who has a security filter that restricts him to only the California Central Region element of the Region attribute cannot view any data for any other state or region. Security filters are assigned to the user’s account by right-clicking the user and selecting Edit.
• Permissions control what objects in the MicroStrategy system the user has access to. For example, a user who has the Write permission for a metric can make changes to the metric’s definition, while a user who only has the Execute permission can run reports containing the metric but cannot change that metric.
Each MicroStrategy object has an access control list (ACL), which
specifies the permissions that each MicroStrategy user has for that object. Permissions are assigned to the objects in MicroStrategy by right-clicking the object, selecting Properties, then selecting Security.
User groups can be granted privileges, security filters, and permissions in the same way as individual users. A user can be a member of multiple groups, and inherit the security settings from each group.
Steps are below to create a user, create and apply a security filter to a user, and set permissions for a user to access (or restrict access to) an object. For complete details related to user and object security, see the Setting Up User
Security chapter in the MicroStrategy System Administration Guide.
To create a user and configure its security profile
1 In MicroStrategy Desktop, log in to the project source you create. For information on connecting to a data source, see To establish an Intelligence Server connection to the metadata repository, page 24.
2 In Desktop, on the left side, expand Administration and then expand
User Manager.
To create a user
3 Right-click Everyone, point to New, and select User. The User Editor opens, as shown below.
4 Type the basic user information, such as login name, full name, and password, in the fields. For detailed information about each field, click
To assign privileges to the user
5 On the left side of the User Editor, under User Definition select Project
Access.
6 Select the check boxes for the privileges or privilege groups you want the user to have. For a detailed description of every privilege in
MicroStrategy, see the Permissions and Privileges chapter in the
To assign a security filter to the user
7 On the left side of the User Editor, under User Definition, select Security
Filter.
8 Select your project from the Projects that have been granted access drop-down list and click View. The Security Filter Manager opens.
9 Since you are just starting out with MicroStrategy, you can create a new security filter and then assign it to the user. You can apply your new security filter to any other user you add. To create a new security filter, click New.
10 Define the conditions for the security filter by creating qualifications or adding qualifications to the new security filter. These qualifications define the data the user is allowed to view on a report. To do this, double-click in the Filter Definition pane on the right. The Filtering Options pane opens.
11 Select Add an Attribute Qualification and click OK.
12 Select an attribute depending on what type of data you want the security filter to apply to:
• To filter data related to an attribute’s form:
a Select the attribute whose form you want to qualify data on. b In the Attribute Qualification pane, from the Qualify On
drop-down list, click the attribute form on which you want to qualify the report.
c Click an operator in the Operator list.
d In the Value field, type the value to use to qualify on the attribute form; this is the value that will be compared against the data in your data source.
• To filter data based on elements of an attribute:
a Select the attribute that has the elements on which you want to qualify.
b In the Attribute Qualification pane, from the Qualify On drop-down list, select Elements.
c From the Operator drop-down list, select either In List (to define what attribute elements the filter should include data for) or Not
In List (to define what attribute elements the filter should exclude data for).
d Click Add.
e In the Available Objects list, select attribute elements and then click the right arrow > to add them to the Selected Objects list. Then click OK to close the Selected Objects dialog box.
For details on each option to create a security filter, click Help.
13 Click OK to close the Attribute Qualification pane.
15 To assign a security filter to the user you created above, select the security filter and click the right arrow >. The selected security filter is moved to the Security Filters area.
16 Click OK. The Security Filter Manager closes and the selected security filters are assigned to this user for your MicroStrategy reporting project and any other projects you later create within this project source.
17 Click OK. The User Editor closes and the user is created.
To set permissions for a user on a specific object
1 Browse to the object (usually an attribute or metric) that you want to set permissions for.
2 Right-click the object and select Properties. The Object Properties dialog box opens. On the left, select Security.
3 Click Add. The Select Desktop Users and Groups dialog box opens, as shown below.
4 Select the Show Users check box.
5 In the list of users, select the user you want to change permissions for.
6 Click OK. The Select Desktop Users and Groups dialog box closes, and the user is listed in the Permissions area of the Object Properties dialog box, as shown below.
7 Locate the user name in the User column and click the Object column next to the user name. Select the desired permission from the drop-down list.
8 Click OK. The Object Properties dialog box closes, and the user’s permissions for the object are saved.
A
A.
TROUBLESHOOTING
Introduction
This appendix provides answers and solutions for common questions and issues you may encounter when installing, configuring, or using the MicroStrategy Suite software.